Last updated: 
5 days 14 hours ago
Blog Manager
One of Jisc’s activities is to monitor and, where possible, influence regulatory developments that affect us and our customer universities, colleges and schools as operators of large computer networks. Since Janet and its customer networks are classified by Ofcom as private networks, postings here are likely to concentrate on the regulation of those networks. Postings here are, to the best of our knowledge, accurate on the date they are made, but may well become out of date or unreliable at unpredictable times thereafter. Before taking action that may have legal consequences, you should talk to your own lawyers. NEW: To help navigate the many posts on the General Data Protection Regulation, I've classified them as most relevant to developing a GDPR compliance process, GDPR's effect on specific topics, or how the GDPR is being developed. Or you can just use my free GDPR project plan.

Group administrators:

Intelligent Campus: Risks, Benefits and Ethics

Thursday, April 4, 2019 - 11:55

[Re-purposing an unused introduction to my full paper - "See no... Hear no... Track no..: Ethics and the Intelligent Campus" - that was published in the Journal of Information Rights, Policy and Practice this week]

The Intelligent Campus is a microcosm of the Smart City. Smart cities, according to Finch and Tene, may be "more livable, more efficient, more sustainable and more democratic" or "turn into electronic panopticons in which everybody is constantly watched". Intelligent Campuses amplify both of these possibilities since – unlike cities where space and data are owned by many different organisations – a university may well control and monitor the whole physical and digital infrastructure of its students’ lives, from bed to workplace to social spaces. Students and staff might well consider such monitoring "creepy", or worse. But that single control, and the strong shared interest between campus managers and occupants, may make the goal of smart citizenship easier to achieve on campus than in cities, where political and commercial interests have largely limited the relationship to a paternalistic one, at best.

Our responses to monitoring depend not only on fact, but on sentiment. Attitudes to electronic monitoring, in particular, are often set by the behaviour of social networks and other commercial service providers. Campus occupants used to hearing that they are "the new oil" or "digital silkworms" (Brown & Marsden, 2013) need to be reassured about the purposes, intentions and incentives of those who monitor, as well as how monitoring is currently performed. Campus managers therefore need to ensure their plans and actions are acceptable to both their organisation and the campus occupants. If not, occupants may well respond by changing behaviour – for example swapping identities or providing deliberately incorrect data – in ways that undermine both the intelligent campus and, more importantly, its primary purposes of research and education.

As well as smart city literature, tools borrowed from other fields can guide us towards intelligent campuses that are accepted by their occupants. Many implementation issues are shared with Radio Frequency Identification (RFID) technologies, for which a toolkit was endorsed by European Data Protection Regulators in 2011. When selecting appropriate purposes for intelligent campus technologies, ethics codes on using digital data for research and policy formation are relevant.

Intelligent campuses can be viewed as having three 'senses': sight, sound and location. Sight includes PIR sensors that indicate whether or not a desk is occupied, and face recognition analysis of live video images; sound can record conversations, or detect whether a room is empty; location and movement of devices and individuals can be gathered from wireless access points, door access or payment cards. As these examples indicate, all three senses cover a similar, wide, range of intrusiveness. Rather than ranking the senses, it is better to generalise and extend the four-level impact scale from the RFID guidance: presence, counting, identifying, recording and (new) analysing. This gives an immediate indication of the likely level of intrusiveness, and the depth of analysis and mitigation likely to be required.

The context from which information is gathered can significantly affect both intrusiveness and perception. A standalone Passive Infra-Red (PIR) desk-occupancy monitor is much less intrusive in a hotdesk area than a personal, locked office, or if its data are linked to login or other information that can identify individuals. Some spaces, such as bedrooms, offices and toilets, are always considered more sensitive, but universities may also have spaces such as counselling services and some laboratories where monitoring, and its results, require particular protection. Sight sensors naturally respect opaque boundaries, such as walls, but sound and location may leak through them.

While an extended version of the RFID toolkit provides guidance on controls – such as organisation and policy, system architecture, sensor choice, and other risk reduction measures familiar when protecting personal data – these may be insufficient to ensure acceptability. For this we need to consider not just legal questions ('what can we do?') but also ethical ones ('what should we do?'). Kitchin identifies six ethical concerns for smart cities: datafication, dataveillance and geosurveillance; inferencing and predictive privacy harms; anonymisation and re-identification; obfuscation and reduced control; notice & consent empty or absent; data use, sharing and repurposing. The Menlo Principles for digital research ethics and the UK Government's 2016 Data Science Ethical Framework for policy formation reinforce the need for organisational controls, but add choice of purpose; robust models (in both theoretical and data science senses); and awareness of – possibly changing - public perception.

One of the greatest challenges in either a smart city or intelligent campus is to ensure that occupants are informed about data collection and use. Much data collection takes place through passive observance, unlinked to any specific action by the individual (entry and payment cards are a rare exception); many internet of things sensors are designed to be unobtrusive. Individual occupants may well be, or become, unaware of data collection, reducing the effectiveness of traditional protections such as notice, consent and objection. In any case, it is often unreasonable to rely on individual actions to control risk: individuals cannot realistically avoid using campus infrastructures, and should not be burdened with daily, or even more disruptive, consent decisions.

The concept of "smart citizenship" may well help with this transparency challenge, as well as identifying acceptable uses of intelligent campus technologies and holding institutions accountable for their activities. Rather than viewing citizens as "consumers or testers", authors such as Cardullo and Kitchin propose involving them from the start in the selection, design and monitoring of smart city or intelligent campus. Policies or proposals that feel unfair, creepy, or worse, to citizens will be discovered – and improved or rejected – at an early stage, before money or infrastructure has been deployed. Such an approach also reflects the ethical need to be aware of public sentiment, and the legal requirement for Data Protection Impact Assessments to consider consultation with individuals. Smart citizens guide the development of their city, rather than merely occupying it. The complexity of cities has, so far, prevented the achievement of this concept. The simpler organisation of an intelligent campus might be an opportunity to show how it can be done.

Reference (book)

Brown, I & Marsden, C. (2013) Regulating Code: Good Governance and Better Regulation in the Information Age. Cambridge: MIT Press.